Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.ch11.html

windows7-x64

1

Bv9ARM.ch11.html

windows10-2004-x64

1

Bv9ARM.ch12.html

windows7-x64

1

Bv9ARM.ch12.html

windows10-2004-x64

1

Bv9ARM.ch13.html

windows7-x64

1

Bv9ARM.ch13.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 14:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch09.html

  • Size

    8KB

  • MD5

    79a61d9765533d2e32501608989fc835

  • SHA1

    60337d8050d421e3487c89b08088d08425c6fb1e

  • SHA256

    0bd409719960695175d97aff22f0e89f6d586629d01e88bb7cb852bf8b273459

  • SHA512

    ba00f16dd5ddc282f4c65bc7186e8498a82c75119ec260827d454d4c7cd4bfd3a5789eb21829048e91792316303f9690523d14c58f54a9fb92be45f4914e28f2

  • SSDEEP

    192:nyvOHbGtmNSSOHHX8/scDeaJrP1lkidkpx6+Zvx28w/:nyvO7MmYTXVGeat7MpRZwj

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch09.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3060
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3060 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2580

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7b1a9edd10889a8ee29cf82b01e8e105

    SHA1

    c1dbc045984b708885429fdd0b01cf9b1e591a3a

    SHA256

    5d216b6e0dd6b158f18440f4cd5957c960dacaac4013d985267319bea83ceaa1

    SHA512

    ebee7729734954d8e26b17a659f4a79ce0f4c778f37dab8ea70f329085aa683c43a4a7ef107c06992b58181346d374051659e5315fb7e10325a0bafeef659db1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3522b2d6b23aa73df106ffff850289f3

    SHA1

    026a4d006daceaecc867742bfc0d89ac91c99fca

    SHA256

    c2e230767913c7a86604d52e6f1fc5cec28a1753506b509de372fdbddbe7abad

    SHA512

    72528d6fef8730763e4530fe8d32c8bfc8536efe79063c434c6dd59ccc3098fa9811222fb88bbe85d0b1dc05d6b0f7801215554d2040f8015d23eedf094f17cf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d3aa20a5f4b1e504e9ec0202edd19a26

    SHA1

    1931711ba43d5c0e951ad74c7d1a5972e3d14666

    SHA256

    f685aa4b20ca08dc4af7ecb1caa032dd08d4d446641f72957c01293ae5de2151

    SHA512

    77c9de5428b46345c1ecc238a56b510e6cc474909ce0d1cf6988f7a73c26a735bf19963885750289b22e5ed1c7a98c84dda351a072e99135e46096ac9b39b116

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    07b42c8d0807ffd5c73d67c5881592ad

    SHA1

    a57de8c4cbfbb0080ba1122f3f99a4a90e689aa2

    SHA256

    6d5fbaf91b849c8b17c0229169782f86a42adc0eff07b4567516f9e4ac705834

    SHA512

    a974010392494a0b1152774218d7417fce4a35ca74c876ee15efdda69664f6fd839ab002b58bedbad41aa5a449fa074d9df963f29751cafa8566d6e58b1d6a53

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5f392f5913877e5332c563a4247be29b

    SHA1

    7007fd1289da635a672cd8766ec843685a516f32

    SHA256

    a4ffe5faf895626869f83e635e6b260e07fb25f1a03f6740ea3430a8c63164c7

    SHA512

    bd6609efdc2c57632ef0c068df6e670d586ed230b639b3ba43972940a42bb8227beb372512c46f71f5a1b08fbf836e187df47786b0cf6ae32290a1e3b157e52d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6522e19a8a7eb3616e1cd4ea1feba4b3

    SHA1

    50a339a7fa8b0f6d1769ece0c052e96fa5de2b32

    SHA256

    14de86c28633751c8e1c5a6c554b58b932ea465395f28d9152fc9e5820b47915

    SHA512

    53a49fc817a6b076c7045a20dc25ea1cce1994c23007d072b970fd88834b069555734141adf0b27f3d704c177067bd7b4face0b2592b62a8a5c5132dc1c38fc2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7dfa1893b50704921f3ee804c7942f39

    SHA1

    fc63bbf5cb5a89471c994307b3ef939b02fdf91c

    SHA256

    267125a9651ffa0a2ec9f2a04034efe06b61c594043de3ff46f28988fca2a086

    SHA512

    8fb829bfc48d39c81557775f8ac503fd5d8906fd96c359d990c2249bf79a28d3e36956a86d8813ca6bd713374fbd44e099f1490d5d1b9223bd7931c8896ae09e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    12ae67e55b022c3c6045713147754545

    SHA1

    3e2b417a4f1ab6edd2b4de5b88be368c5b0b5b88

    SHA256

    142f036a54537dd0baedcfe97fa42493bfc42c6ad9f9a3b6b21a4b54ed63e5a4

    SHA512

    f1360c5f1976cc7b9da29be510bf5aaada5bfbe36e2b628e1793ab08c3793d07f2fdec6fb80266b3956067f498f2674ab3b39c1e999c19f7be5ffa495e53a8a1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d601f67656b97f5323a76229623f888c

    SHA1

    cc0c3d97d264698f4204e844914c6b8baf422bc2

    SHA256

    cb02a03ebee3821359628dbbc2ec30a323f83b89816f8b9d39a0067c5cea7e7e

    SHA512

    c84418307749f331e7d338351ec77764ada008405fea7ba9087b068d01f4c1fef624184733b999103f244d1b664b97c0c4cd8e1cf0168ec5a5e72d8763a06a86

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3b1fc5a10c4fdf8866814ecbc7a66748

    SHA1

    42da6f6549668d7b082e8379e4a02b65a1b5077e

    SHA256

    eac85b562f3166572acd954b77b9cb6905ba49edcddc695ee5fcd60c55c9bf14

    SHA512

    4bed8c9473ecba7f1461a05300a0931d3862fb737615af2c8ec485bdd485597b5d87def0868f9430e3608e89f6eea7d06eaf8c43cb82429391c86e0bf2abc4e7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cd5cd7eb84162c23da380b3346f22617

    SHA1

    8633bd81778136d87a3a6f79917a4a548c46bcee

    SHA256

    55928aa627a47d6a5953b258dd2cd9cb5278c503a97bc37e487b48c34f121dee

    SHA512

    17756ad659d57add5af3a83dbefa20cbcf6b611c3b21aa30bf2468fa24cb774a9cd7263cffd0ee89a1222f09dd1ae5fa8e9e0a0033a981ba190d51f3706d1792

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cea65c09bedfd409cc1a2e9c9d722fdc

    SHA1

    ebc37d7cf1980467894bbbcfca84b0b52bb65ef9

    SHA256

    6ebe57c6b42039ca77682f101de7cfd3de284572b79199b092bc211534acbb2d

    SHA512

    ff1e221737d62d397140df18c7553a5fc0e840633d8071cd89911a3b4cce68989b07a21de6b34893c71c1ef8f4772055c2e1c7357ace8129da93df6d9005ce7e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    71410fd6d6c40b43bda48dec58f7910a

    SHA1

    6cabf8cd58f107ea3e5f6169e5db25ccca749285

    SHA256

    7f03612af923a8940f8cb03254523b7a240de203e1ec50eab3805519d67fd20a

    SHA512

    25aa400c3341c5f42b81ce20cae456fb75f4e708d631dee652223adf8fc77e59b55eaf3f8a53801cba7b70b0a965b22e64f7dc3f7887a3300fdf690e99169c9b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a4fbd509650347f84d731e3a1170c145

    SHA1

    75b7961040460727a5bf059e68e126e756bd2588

    SHA256

    3990a3295bfb41ce8c24a0a61409dfde533693a72dca2a16e69b0313d10b4a34

    SHA512

    bcb2a18953537c956becca0a2dc21e835bae1840c91b993fb2519f76e72638273651dbc673ca135d1517a6e6f8b049d72f0212805eb5c2d16d3a6fcb4344c3b4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e51a7f50b1b23e4dbb0305c2fa3b2de4

    SHA1

    ca3eca4899159d42f825a51ce4020018264fbe98

    SHA256

    dfa16ac88070628f39c9a3979de1ffb5924db22d4c3edd20e6517a48cf99d31b

    SHA512

    ec34a9548732fea56a5a618a6ccf80d97ab05a1665908d35bbd27e97b488669893701149d9ee9f29719c5eecf7d4e58419da0c2839f7ef9da65d6c5d9808bef9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f3c52d6b1a1f220717ae81db7a35a9cb

    SHA1

    e6c4f0d95cc238c57256c76532aac0dadb0dacde

    SHA256

    42b000ad7e16ffb53ef4e0e57c92344af1b3788119ca3530cb70566caf2932df

    SHA512

    a6122d3b49000902e01ad5faf3a7cd67988a9ece389e24d6d033037f4b0052770e1558707a641bdc06558207a95e1a80d03826b3d37013267c3419554c687921

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ff64e6f47d0ffa2846ca29895596d679

    SHA1

    40d5d69bf8249561ebd003a420de193a8b80da0c

    SHA256

    4ed1a4a7f5f8040308631638e75acb3ce0bd630e43317a8eea5c11ed30b23b36

    SHA512

    99efbac08066d3aad96a90b5f4aae18349078dfb96e439bff5d99ec429d0d21f67c6f89195a9eb465ee64d85dadc6d8800b08ff14378212532cefbf8f0399f5f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabD3D6.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarD436.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit